Authentication systems aim to identify fraudulent users even though such users possess credentials to gain access to a legitimate user's account information. For example, each login attempt is received at a service provider at a particular time and in many cases, a fraudulent user will send login attempts at times outside of those expected by a service provider. Existing adaptive authentication techniques compare information associated with a login attempt, such as the time of the login and a location from where the login originated, with a historical record of a typical user who exhibits some expected login behavior. For example, if a high percentage of prior login attempts received by the service provider from a particular user occur between the hours of 6 AM and 11 PM daily and from locations within the continental United States, then login attempts between 2 AM and 4 AM from locations across Eastern Europe, have a high risk of being a fraudulent user.
The need for improved and comprehensive authentication systems is rising every day, for example, due to the increase in cybercrime and fraud. Many adaptive authentication systems employ a number of different authentication methods. Authentication methods include, for example, simple passwords, one-time passcodes, biometrics, tokens and certificates. Each authentication method varies by the strength of the method, the addressed authentication factors, and the usability and cost of the method. Existing authentication systems select one or more suitable authentication methods based on the sensitivity and risk of the activity, taking into account usability and cost constraints.
A need remains for improved techniques for selecting a suitable authentication method for a given transaction from among a plurality of available authentication methods based on attributes of the available authentication methods and the context of the activity demanding the authentication.